{# File identity section: prints the analysed file's name, size and three digests as plain variables. #}
{# The digests let a reader tie this report to one exact sample; prefer SHA256 for that, since MD5 and SHA1 are collision-prone and useful mainly as lookup keys. #}
FILE INFORMATION
File Name:
{{ file_name }}
Size:
{{ size }}
MD5:
{{ md5 }}
SHA1:
{{ sha1 }}
SHA256:
{{ sha256 }}
{# App metadata section: name, package, launcher activity, SDK levels and version fields, each a plain variable. #}
{# NOTE(review): presumably these values are parsed from the analysed APK's manifest, so they are supplied by the app's author — confirm in the view that builds the context. #}
{# Min SDK is worth reading with the findings: a low value means the app can be installed on Android releases that lack newer platform protections. #}
APP INFORMATION
App Name:
{{ app_name }}
Package Name:
{{ package_name }}
Main Activity:
{{ main_activity }}
Target SDK:
{{ target_sdk }}
Min SDK:
{{ min_sdk }}
Max SDK:
{{ max_sdk }}
Android Version Name:
{{ version_name }}
Android Version Code:
{{ version_code }}
{# Component summary: totals use the length filter on each component list; exported totals come from exported_count. #}
{# Exported components can be invoked by other apps on the device, so these four counts are a quick measure of the app's inter-process attack surface. #}
APP COMPONENTS
Activities:
{{ activities | length }}
Services:
{{ services | length }}
Receivers:
{{ receivers | length }}
Providers:
{{ providers | length }}
{# NOTE(review): the four "Exported ..." value lines below have lost the opening part of their if tag in this copy; presumably the cell gets class "danger" when the exported count is above 0 — confirm against the original template. #}
Exported Activities:
0 %} class="danger" {% endif %}> {{ exported_count.exported_activities }}
Exported Services:
0 %} class="danger" {% endif %}> {{ exported_count.exported_services }}
Exported Receivers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_receivers }}
Exported Providers:
0 %} class="danger" {% endif %}> {{ exported_count.exported_providers }}
{# Signing certificate section: prints certificate_info, then one row per entry of certificate_findings. #}
{# Each finding is indexed positionally: find.0 is the status and find.1 the description. #}
{# Status 'good' is displayed as "secure"; a status other than 'bad', 'good' or 'warning' leaves the status cell empty. #}
{# When certificate_info is empty the fallback message is shown, so a missing certificate is not distinguishable here from a read failure. #}
CERTIFICATE INFORMATION
{% if certificate_analysis.certificate_info %}
{{ certificate_analysis.certificate_info }}
STATUS |
DESCRIPTION |
{% for find in certificate_analysis.certificate_findings %}
{% if find.0 == 'bad' %}
bad
{% elif find.0 == 'good' %}
secure
{% elif find.0 == 'warning' %}
warning
{% endif %}
|
{{ find.1 }} |
{% endfor %}
{% else %}
Failed to read Code Signing Certificate or none available.
{% endif %}
{# Permissions section: rendered only when permissions is non-empty; iterates permission name -> details. #}
{# desc.status selects the label; a status outside the five handled values leaves the STATUS cell empty rather than showing the raw value. #}
{# "dangerous" is the row to review first: these are the permissions that gate user-private data or device control. #}
{% if permissions %}
APPLICATION PERMISSIONS
PERMISSION |
STATUS |
INFO |
DESCRIPTION |
{% for perm,desc in permissions.items %}
{{ perm }} |
{% if desc.status == 'dangerous' %}
dangerous
{% elif desc.status == 'normal' %}
normal
{% elif desc.status == 'signatureOrSystem' %}
SignatureOrSystem
{% elif desc.status == 'signature' %}
signature
{% elif desc.status == 'unknown' %}
unknown
{% endif %}
|
{{ desc.info }} |
{{ desc.description }} |
{% endfor %}
{% endif %}
{# VirusTotal section: shown only when virus_total is set, has more than 9 items, and verbose_msg does not contain 'request successfully queued'. #}
{# NOTE(review): the item-count test looks like a heuristic for "a full scan result came back" — confirm against the response shape the backend stores. #}
{# The positives / total line and its "Malicious!" caption print even when positives is 0; the per-engine table is shown only when positives is non-zero. #}
{# Only engines with detected == True are listed. A zero-detection result means no engine flagged the file, not that the file is known to be benign. #}
{% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %}
VIRUSTOTAL SCAN
{{ virus_total.positives }} / {{ virus_total.total }}
AVs found this file Malicious!
{% if virus_total.positives %}
AV |
DETECTION |
{% for av_name,av_result in virus_total.scans.items %}
{% if av_result.detected == True %}
{{ av_name }}
|
{{ av_result.result }}
|
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{# APKiD section: for each scanned file, lists the detection categories and the identifiers matched in each. #}
{# NOTE(review): the inner "if apkid" repeats the outer test, so its else branch ("APKiD not enabled.") cannot render once this section is entered; when apkid is empty the whole section is omitted instead. #}
{# Known category keys are mapped to display labels; any other key is printed as-is through the final else. #}
{# Anti-VM, anti-debug, packer and obfuscator hits indicate analysis resistance: static findings elsewhere in the report may be incomplete for such files. #}
{% if apkid %}
APKID ANALYSIS
FILE |
DETAILS |
{% if apkid %}
{% for file, details in apkid.items %}
{{file}}
|
FINDINGS |
DETAILS |
{% for detail, idens in details.items %}
{% if detail == "anti_vm" %}
Anti-VM Code
{% elif detail == "anti_disassembly" %}
Anti Disassembly Code
{% elif detail == "anti_debug" %}
Anti Debug Code
{% elif detail == "compiler" %}
Compiler
{% elif detail == "abnormal" %}
Abnormal Code
{% elif detail == "obfuscator" %}
Obfuscator
{% elif detail == "protector" %}
Protector
{% elif detail == "packer" %}
Packer Found
{% elif detail == "dropper" %}
Dropper Found
{% elif detail == "manipulator" %}
Manipulator Found
{% else %}
{{detail}}
{% endif %}
|
{% for idn in idens %} {{ idn }} {% endfor %} |
{% endfor %}
|
{% endfor %}
{% else %}
APKiD not enabled.
{% endif %}
{% endif %}
{# Browsable activities section: one row per activity, followed by whichever intent-filter fields are present. #}
{# Each field is read through the project's custom "key" filter and printed as a comma-terminated list only when non-empty. #}
{# Browsable activities can be started from a link, so the schemes, hosts and paths listed here are the deep-link inputs the app must validate. #}
{# "path_prefixs" is the key name as read from the context; its spelling must keep matching the backend's dictionary key. #}
{% if browsable_activities %}
BROWSABLE ACTIVITIES
ACTIVITY |
INTENT |
{% for activity,intent_details in browsable_activities.items %}
{{activity}} |
{% if intent_details|key:"schemes" %}
Schemes:
{% for scheme in intent_details|key:"schemes" %}
{{scheme}},
{% endfor %}
{% endif %}
{% if intent_details|key:"hosts" %}
Hosts: {% for host in intent_details|key:"hosts" %}
{{host}},
{% endfor %}
{% endif %}
{% if intent_details|key:"ports" %}
Ports: {% for port in intent_details|key:"ports" %}
{{port}},
{% endfor %}
{% endif %}
{% if intent_details|key:"mime_types" %}
Mime Types: {% for mime in intent_details|key:"mime_types" %}
{{mime}},
{% endfor %}
{% endif %}
{% if intent_details|key:"paths" %}
Paths: {% for path in intent_details|key:"paths" %}
{{path}},
{% endfor %}
{% endif %}
{% if intent_details|key:"path_prefixs" %}
Path Prefixes: {% for prefix in intent_details|key:"path_prefixs" %}
{{prefix}},
{% endfor %}
{% endif %}
{% if intent_details|key:"path_patterns" %}
Path Patterns: {% for pattern in intent_details|key:"path_patterns" %}
{{pattern}},
{% endfor %}
{% endif %}
{% endfor %}
|
{% endif %}
{# Network security section: numbered rows with the scope entries, a severity label and the description of each finding. #}
{# Unlike most sections this one has no enclosing if, so the heading and column titles render even when network_security is empty. #}
{# Severity values other than "high", "good", "info" and "warning" leave the SEVERITY cell empty. #}
NETWORK SECURITY
NO |
SCOPE |
SEVERITY |
DESCRIPTION |
{% for item in network_security %}
{{ forloop.counter }} |
{% for url in item.scope %}
{{ url }}
{% endfor %}
|
{% if item.severity == "high" %}
high
{% elif item.severity == "good" %}
good
{% elif item.severity == "info" %}
info
{% elif item.severity == "warning" %}
warning
{% endif %}
|
{{item.description }}
|
{% endfor %}
{# Manifest analysis section: numbered rows of issue title, severity label and description. #}
{# NOTE(review): title is passed through the safe filter, which turns off auto-escaping for that value. If a title can embed strings taken from the analysed APK's manifest (a component name, for example), they would reach the report as raw HTML — confirm the backend escapes those parts before it builds the title. #}
{# desc is not marked safe and is rendered with the template's normal escaping. #}
{# Only "high", "info" and "medium" are labelled; NOTE(review): "warning" and "good", used by other sections, would leave the SEVERITY cell empty here — confirm the backend never emits them for manifest findings. #}
MANIFEST ANALYSIS
NO |
ISSUE |
SEVERITY |
DESCRIPTION |
{% for item in manifest_analysis %}
{{ forloop.counter }} |
{{item|key:"title" | safe}}
|
{% if item|key:"stat" == "high" %}
high
{% elif item|key:"stat" == "info" %}
info
{% elif item|key:"stat" == "medium" %}
medium
{% endif %}
|
{{item|key:"desc"}}
|
{% endfor %}
{# Code analysis section: one numbered row per rule with its description, severity, standards mapping and the files that matched. #}
{# Both branches of the "ref" test print the same description in this copy; presumably the true branch wrapped it in a reference link that was lost — confirm against the original template. #}
{# Severity "good" is displayed as "secure"; values outside the four handled ones leave the cell empty. #}
{# CVSS banding as written: above 6 is (high), exactly 0 is (info), 4 to 6 is (medium), anything else below 4 is (low). #}
{# NOTE(review): the label says CVSS V2, whose published qualitative ranges are Low 0.0-3.9, Medium 4.0-6.9, High 7.0-10.0; scores above 6 and below 7 are therefore shown as (high) here — confirm that is intended. #}
CODE ANALYSIS
NO |
ISSUE |
SEVERITY |
STANDARDS |
FILES |
{% for rule, details in code_analysis.items %}
{{ forloop.counter }} |
{% if details.metadata|key:"ref" %}
{{ details.metadata.description }}
{% else %}
{{ details.metadata.description }}
{% endif %}
|
{% if details.metadata.severity == "high" %}
high
{% elif details.metadata.severity == "good" %}
secure
{% elif details.metadata.severity == "warning" %}
warning
{% elif details.metadata.severity == "info" %}
info
{% endif %}
|
CVSS V2:
{{ details.metadata.cvss }}
{% if details.metadata.cvss > 6 %}
(high)
{% elif details.metadata.cvss == 0 %}
(info)
{% elif details.metadata.cvss >= 4 %}
(medium)
{% elif details.metadata.cvss < 4 %}
(low)
{% endif %}
{% if details.metadata.cwe %} CWE: {{ details.metadata.cwe }}{% endif %}
{% if details.metadata|key:"owasp-mobile" %} OWASP Top 10: {{ details.metadata|key:"owasp-mobile" }}{% endif %}
{% if details.metadata.masvs %} OWASP MASVS: {{ details.metadata.masvs }}{% endif %}
|
{% for file_path in details.files %}
{{ file_path }}
{% endfor %}
|
{% endfor %}
{# Shared library hardening section: one row per shared object, each cell showing the check's value, severity and description. #}
{# Checks covered: NX, stack canary, RELRO, RPATH, RUNPATH, FORTIFY and whether symbols are stripped. #}
{# NOTE(review): the "if not binary_analysis" test sits inside "if binary_analysis", so "No Shared Objects found." can never render; an app without shared objects gets no section at all. #}
{% if binary_analysis %}
SHARED LIBRARY BINARY ANALYSIS
NO |
SHARED OBJECT |
NX |
STACK CANARY |
RELRO |
RPATH |
RUNPATH |
FORTIFY |
SYMBOLS STRIPPED |
{% if not binary_analysis %}
No Shared Objects found.
{% endif %}
{% for so in binary_analysis %}
{{ forloop.counter }} |
{{so.name}} |
{{so.nx.is_nx}}
{{so.nx.severity}}
{{so.nx.description}} |
{{so.stack_canary.has_canary}}
{{so.stack_canary.severity}}
{{so.stack_canary.description}} |
{{so.relocation_readonly.relro}}
{{so.relocation_readonly.severity}}
{{so.relocation_readonly.description}} |
{{so.rpath.rpath}}
{{so.rpath.severity}}
{{so.rpath.description}} |
{{so.runpath.runpath}}
{{so.runpath.severity}}
{{so.runpath.description}} |
{{so.fortify.is_fortified}}
{{so.fortify.severity}}
{{so.fortify.description}} |
{{so.symbol.is_stripped}}
{{so.symbol.severity}}
{{so.symbol.description}} |
{% endfor %}
{% endif %}
{# NIAP section: numbered rows keyed by requirement identifier; always rendered, with no enclosing if. #}
{# Column fill order is identifier, details.class, details.description, details.choice. #}
{# NOTE(review): that puts details.description under the FEATURE heading and details.choice under DESCRIPTION — confirm the headings match what the backend stores in those fields. #}
NIAP ANALYSIS v1.3
NO |
IDENTIFIER |
REQUIREMENT |
FEATURE |
DESCRIPTION |
{% for iden, details in niap_analysis.items %}
{{ forloop.counter }} |
{{ iden }}
|
{{ details.class }}
|
{{ details.description }}
|
{{ details.choice }}
|
{% endfor %}
{# Domain check section: one row per domain with a status and, when present, geolocation details. #}
{# A domain is labelled "malware" only when its "bad" value equals "yes"; every other value is labelled "good". #}
{# "good" therefore means "not flagged by the lookup", not a positive reputation verdict; treat it as absence of a hit. #}
{# "View: Google Map" is static text in this copy; presumably it was a link built from the coordinates — confirm against the original template. #}
{% if domains %}
DOMAIN MALWARE CHECK
DOMAIN |
STATUS |
GEOLOCATION |
{% for domain, details in domains.items %}
{{domain}} |
{% if details|key:"bad" == "yes" %}
malware
URL: {{details|key:"domain_or_url"}}
IP: {{details|key:"ip"}}
Description: {{details|key:"desc"}}
{% else %}
good
{% endif %}
|
{% if details|key:"geolocation" %}
IP: {{details|key:"geolocation"|key:"ip"}}
Country: {{details|key:"geolocation"|key:"country_long"}}
Region: {{details|key:"geolocation"|key:"region"}}
City: {{details|key:"geolocation"|key:"city"}}
Latitude: {{details|key:"geolocation"|key:"latitude"}}
Longitude: {{details|key:"geolocation"|key:"longitude"}}
View: Google Map
{% else %}
No Geolocation information available.
{% endif %}
|
{% endfor %}
{% endif %}
{# URLs section: each entry pairs a list of URLs with the path of the file they are reported for. #}
{# NOTE(review): presumably these strings are extracted from the analysed app and so are attacker-influenced; they are printed without the safe filter, which should stay that way. #}
{% if urls %}
URLS
URL |
FILE |
{% for urldict in urls %}
{% for u in urldict|key:"urls" %}
{{ u }}
{% endfor %}
|
{{urldict|key:"path"}}
|
{% endfor %}
{% endif %}
{# Firebase section: one row per database URL with a verdict chosen by item.open. #}
{# NOTE(review): presumably item.open is set when the backend could read the database without authentication — confirm how it is computed before relying on the "insecure" verdict. #}
{# The "insecure" and "info" words are severity labels that ran into the message text in this copy; "publically" is a misspelling of "publicly" in the user-facing string. #}
{% if firebase_urls %}
FIREBASE DATABASES
FIREBASE URL |
DETAILS |
{% for item in firebase_urls %}
{{ item.url }}
|
{% if item.open %}
insecureFirebase DB is exposed publically.
{% else %}
infoApp talks to a Firebase Database.
{% endif %}
|
{% endfor %}
{% endif %}
{# Emails section: each entry pairs a list of e-mail addresses with the path of the file they are reported for. #}
{# The addresses are personal data in their own right, so the report should be shared with that in mind. #}
{% if emails %}
EMAILS
EMAIL |
FILE |
{% for email_dict in emails %}
{% for em in email_dict|key:"emails" %}
{{ em }}
{% endfor %}
|
{{email_dict|key:"path"}}
|
{% endfor %}
{% endif %}
{# Trackers section: rendered when the "trackers" entry of the trackers context value is non-empty. #}
{# Each list element is a mapping; every key/value pair in it becomes one TRACKER / URL row. #}
{% if trackers|key:"trackers" %}
TRACKERS
TRACKER |
URL |
{% for trk in trackers|key:"trackers" %}
{% for k, v in trk.items %}
{{k}}
|
{{v}}
|
{% endfor %}
{% endfor %}
{% endif %}
{# Hardcoded secrets section: prints every entry of secrets verbatim, one per row. #}
{# The column title says "possible": entries are candidates that need manual confirmation before being reported as credentials. #}
{# Because candidate values are reproduced in full, the generated report should be stored and shared as sensitive material. #}
{% if secrets %}
HARDCODED SECRETS
POSSIBLE SECRETS |
{% for sec in secrets %}
{{ sec }}
|
{% endfor %}
{% endif %}
{# Play Store section: rendered only when playstore_details carries no error value. #}
{# The "Play Store URL" field prints package_name, and "Privacy link" is static text; presumably both were links whose markup was lost in this copy — confirm against the original template. #}
{# NOTE(review): presumably every playstore_details field is fetched from the store listing, i.e. written by the app's publisher; they are printed without the safe filter, which should stay that way. #}
{% if not playstore_details.error %}
PLAYSTORE INFORMATION
Title:
{{ playstore_details.title }}
Score:
{{ playstore_details.score}}
Installs:
{{ playstore_details.installs }}
Price:
{{ playstore_details.price }}
Android Version Support:
{{ playstore_details.androidVersionText }}
Category:
{{ playstore_details.genre }}
Play Store URL:
{{ package_name }}
Developer Details:
{{playstore_details.developer}},
{{playstore_details.developerId}},
{{playstore_details.developerAddress }},
{{playstore_details.developerWebsite}},
{{playstore_details.developerEmail}},
Release Date:
{{ playstore_details.released }}
Privacy Policy:
Privacy link
Description:
{{ playstore_details.description }}
{% endif %}
App Security Score Calculation
Every app is given an ideal score of 100 to begin with.
For every finding with severity high, we subtract 15 from the score.
For every finding with severity warning, we subtract 10 from the score.
For every finding with severity good, we add 5 to the score.
If the calculated score is greater than 100, the app security score is taken as 100.
If the calculated score is less than 0, the app security score is taken as 10.
Risk Calculation
APP SECURITY SCORE |
RISK |
0 - 15 |
CRITICAL |
16 - 40 |
HIGH |
41 - 70 |
MEDIUM |
71 - 100 |
LOW |